4871648ef8b37504b19ff67283a2a658_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4871648ef8b37504b19ff67283a2a658_JaffaCakes118
Size

55KB
MD5

4871648ef8b37504b19ff67283a2a658
SHA1

3c935116d55e05be3126da7398e0e00264ac176e
SHA256

ca9d2560043605778fba91f71ec680a5f9e4f324b8425dcaf4096fb8961ad02d
SHA512

4deb6b97d87234f3ffd29bf7490728371285162fa2e7de579fca35dd37703a4380cf1f732c0ee8103969bd4a8602ae6a260d80cea5b7d310b939ebb7b3b248ac
SSDEEP

1536:FX/4isLma94WeamYtm8sJX456F2gKTg+W+LUo:lds394UmYtm3FWg+W+LU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4871648ef8b37504b19ff67283a2a658_JaffaCakes118

Files

4871648ef8b37504b19ff67283a2a658_JaffaCakes118
.dll windows:5 windows x86 arch:x86

741a61586043d92549618196e7a3d697

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
SetThreadPriority
WriteFile
InitializeCriticalSection
GetProcAddress
TerminateProcess
IsDBCSLeadByteEx
LeaveCriticalSection
GlobalSize
CloseHandle
GetModuleHandleA
GetOEMCP
IsProcessorFeaturePresent
WideCharToMultiByte
GlobalFree
WaitForMultipleObjects
UnmapViewOfFile
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
EnterCriticalSection
CreateThread
MapViewOfFile
SetHandleCount
CreateFileMappingA
GetFileTime
VirtualQuery
GetSystemTimeAsFileTime

crypovau

ImmGetCompositionWindow
ImmGetRegisterWordStyleA
PifMgr_SetProperties
ImmGetCandidateListA
ImmSetCompositionStringA
ImmSetCompositionWindow
CtfAImmDeactivate
SdbGetBinaryTagData
PifMgr_CloseProperties
DAD_DragLeave
ImmDestroyContext
ImmUnlockClientImc
ILCombine
SdbCloseDatabase
ImmTranslateMessage
ImmDisableIme
ImmGetAppCompatFlags
ExtractIconEx
DoEnvironmentSubstA
RestartDialog
ImmGetContext
ImmGetImeInfoEx
SdbFindNextMsiPackage
DAD_DragEnterEx
CtfAImmActivate
ImmUnlockIMCC
PathResolve
PrintersGetCommand_RunDLL
ImmSetActiveContextConsoleIME
DllGetClassObject
PifMgr_OpenProperties
SdbOpenApphelpDetailsDatabase
IsLFNDrive
ImmReleaseContext
RestartDialogEx
ShimFlushCache
ImmSetActiveContext
CheckEscapesA
SdbGetMsiPackageInformation
SdbReadStringTagRef
ILSaveToStream
ImmGetCandidateListCountA

gdi32

GetBitmapBits
SetBrushOrgEx
Polyline
SetBkColor
LineTo
GetCharWidthA
GetDIBits
EndDoc
Pie
GetTextCharsetInfo
GetMetaFileBitsEx
GetCurrentObject
SetBkMode
CreateDIBSection
StretchDIBits
SetAbortProc

user32

MessageBeep
FlashWindow
GetMessageExtraInfo
GetWindow
GetUpdateRect
GetActiveWindow
GetWindowWord
GetSysColor
GetDlgItem
ShowWindow
DrawIconEx
PostQuitMessage
GetKeyState
GetScrollInfo
GetSystemMetrics
EndPaint
IsWindow
EmptyClipboard
IntersectRect
SetKeyboardState
SetRectEmpty
DestroyMenu

advapi32

AllocateAndInitializeSid
RevertToSelf
InitializeSecurityDescriptor
SetSecurityDescriptorGroup
AccessCheck
CryptGetHashParam
CryptCreateHash
GetSecurityDescriptorDacl
EqualSid
RegCloseKey
GetPrivateObjectSecurity

ole32

GetHGlobalFromStream
WriteFmtUserTypeStg
CoTaskMemAlloc
GetHGlobalFromILockBytes
OleCreateFromData
CoUninitialize
CoLockObjectExternal
IsAccelerator

msvcrt

memmove
_controlfp
_adjust_fdiv
__p__commode

Exports

Exports

CreateProcessNotify
pinginst

Sections

.text
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

741a61586043d92549618196e7a3d697

Headers

File Characteristics

Imports

kernel32

crypovau

gdi32

user32

advapi32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB